Get User SID From Logon ID (Windows XP and Up)

前端 未结 4 839
余生分开走
余生分开走 2020-12-21 05:25

I have a Windows service that needs to access registry hives under HKEY_USERS when users log on, either locally or via Terminal Server. I\'m using a WMI query on win32_logon

相关标签:
4条回答
  • 2020-12-21 05:27

    I asked a very similar question a while back and got this answer: how to get a SID from a windows username.

    I was planning on using SystemEvents to detect when a user logs on to windows, then looping through the logged on users list at that point to detect all the logged on users. (Here's my question, about all this including references for detecting logons and current users.)

    If you decide on an approach please post an update - I'd be interested to hear what you find works well.

    0 讨论(0)
  • 2020-12-21 05:28

    Another working answer (code in VB.Net)

    Public Function GetSIDfromAccName(ByVal strAccName As String) As String
            Debug.WriteLine("***WMI-GetSIDfromAccName***")
            Dim strSID As String = ""
            Try
                Dim wmiClass As System.Management.SelectQuery = New System.Management.SelectQuery(("Select * from Win32_UserAccount where Name='" _
                  + (strAccName + "'")))
                Dim wmiSearcher As System.Management.ManagementObjectSearcher = New System.Management.ManagementObjectSearcher(wmiClass)
                For Each val As System.Management.ManagementBaseObject In wmiSearcher.Get
                    strSID = val("SID").ToString
                Next
            Catch e As Exception
                Debug.WriteLine(e.ToString)
            End Try
            Return strSID
        End Function
    
    0 讨论(0)
  • 2020-12-21 05:33

    Another simple way: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion \ProfileList

    0 讨论(0)
  • 2020-12-21 05:36

    Powershell is easier.

    Function GetSIDfromAcctName()
    {
    $myacct = Get-WmiObject Win32_UserAccount -filter "Name = '$env:USERNAME " 
    write-host Name: $myacct.name
    Write-Host SID : $myacct.sid
    }
    
    0 讨论(0)
提交回复
热议问题